8. advances in web engineering
DESCRIPTION
8. Advances in Web Engineering. SOA Security for e-Commerce. Introduction to SOA Environments. by Dennis Smith and Grace Lewis Software Engineering Institute. What is SOA?. Service-oriented architecture is a way of designing systems that enables Cost-efficiency Agility Adaptability - PowerPoint PPT PresentationTRANSCRIPT
SWE 444 - Internet & Web Application Development 8.1
8. Advances in Web Engineering
a. SOA
b. Security for e-Commerce
SWE 444 - Internet & Web Application Development 8.2
Introduction to SOA Environments
byDennis Smith and Grace LewisSoftware Engineering Institute
SWE 444 - Internet & Web Application Development 8.3
What is SOA?
Service-oriented architecture is a way of designing systems that enables• Cost-efficiency• Agility• Adaptability• Leverage of legacy investments
SWE 444 - Internet & Web Application Development 8.4
Services
Services are reusable components that represent business tasks.• Customer lookup• Account lookup• Credit card validation• Credit check• Hotel reservation• Interest calculation
Services can be• Globally distributed across
organizations• Reconfigured into new business
processes
SWE 444 - Internet & Web Application Development 8.5
Services and Cost-Efficiency
Order Processing Application
Customer Lookup - 1
Invoicing Application
Customer Lookup - 2
CRM Application
Customer Lookup - 3
Customer Lookup Service
A service with equivalent
functionality can be
implemented and used by all
three applications
SWE 444 - Internet & Web Application Development 8.6
Services and Agility
Order Processing Application
Customer Lookup Service
Credit Check
Service
Item Lookup Service
Inventory Check
Service
Course Management Application
Room Availability
Service
The new application can
easily use available services.
New services can be used by
other applications as
well.
SWE 444 - Internet & Web Application Development 8.7
Services and Adaptability
Order Processing Application
Customer Lookup Service
Credit Check
Service
Item Lookup Service
Inventory Check
Service
SOA Infrastructure
The SOA Infrastructure
provides a standard
communication mechanism
between applications and
services.
Changes in services have potentially no
impact on existing
applications that use them.
SWE 444 - Internet & Web Application Development 8.8
Services and Legacy Leverage
Order Processing Application
Customer Lookup Service
Credit Check
Service
Item Lookup Service
Inventory Check
Service
SOA Infrastructure
Customer Management
System
The applications access the
services in a standard way.
It is the service’s task to
invoke the legacy
system.
Legacy platform
diversity and complexity is transparent
to the application.
Manufacturing System
Components of an SOA-Based System
Application X
Service A
SOA Infrastructure
Enterprise Information System
Application Y
Application Z
Internet
Internet
External System
Service B
Service C
Service D
Internal Users
DiscoverySecurityDevelopment Tools
Legacy or New Code
SWE 444 - Internet & Web Application Development 8.10
In Summary …
SOA is an approach to software development where• Services provide reusable functionality with well-defined
interfaces.• An SOA infrastructure enables discovery, composition
and invocation of services. • Applications are built using functionality from available
services.
If managed well, SOA adoption can lead to• Cost-efficiency• Agility• Adaptability• Leverage of legacy investments
The hard part is the “if managed well”.
SWE 444 - Internet & Web Application Development 8.11
An SOA Provides The Complete Architecture For A System
SOA is an architectural pattern/style/paradigm and not the architecture of the system itself.
An architectural pattern provides guidance that embodies best practices.• The concrete elements and their interactions are the
architecture of the system.
Any number of systems can be developed based on an architectural pattern.• An architecture based on SOA inherits both the good and the
bad.
Corollary: SOA cannot be bought off-the shelf.• System qualities have to be built into the architecture of the
system.• Decisions have to be made—service design and
implementation, technologies, tradeoffs.
SWE 444 - Internet & Web Application Development 8.12
Using XML and WSDL Guarantees Interoperability Among Web Services Provided by Multiple Organizations
Web Services enable syntactic interoperability• XML Schema defines structure and data types• WSDL defines the interfaces: operations, parameters
and return values
Web Services do not guarantee semantic interoperability• XML and WSDL do not define the meaning of data• WSDL does not define what a service does• How to describe the meaning of Web Service
inputs and outputs in a formal manner - Active research area—unresolved issues
Interoperability needs agreement on both syntax and semantics
SWE 444 - Internet & Web Application Development 8.13
It Is Easy To Develop Applications Based on Services
It is relatively easy to build services to work with a particular infrastructure … but designing a “good” service might not be that easy.
• From a implementation standpoint- Ease depends on tool availability for SOA
infrastructure– There is plenty of guidance and excellent tool
support to implement, deploy, and manage services for Web Services
- Most difficult part is composition—data mismatches
• From a design standpoint- Designing a service interface in a way that it
can be used easily in many contexts is a much harder task.
– Not many best practices for designing services- Have to anticipate potential users and usage patterns
SWE 444 - Internet & Web Application Development 8.14
It is Easy to Compose Services Dynamically at Runtime
Current technologies have not advanced to the point that this is possible in production environments.
Requires the use of a common ontology by service providers and client applications within a domain
Requires the construction of extremely intelligent applications that• Construct the right queries for the discovery of
services• Compose services when there is not a single service
that can process the request• Provide the right data to invoke a service that was
discovered at runtime
SWE 444 - Internet & Web Application Development 8.15
Web Services
Web services is one mechanism for implementing an SOA-based system.
• Service interfaces are described using Web Services Description Language (WSDL)
• Data is transmitted using SOAP over HTTP
• UDDI is optionally used as the directory service
Because it is the most common mechanism, it is often equated to SOA.
SWE 444 - Internet & Web Application Development 8.16
Web Service Protocol Stack
The highlighted standards are the most commonly used
Most Web Service standards are emerging and even competing
Security, QoS, Transactions, and Management have to be addressed in all layers
DiscoveryUDDI
DescriptionWSDL
Message FormatSOAP
EncodingXML
TransportHTTP
Se
curity
Ma
na
ge
me
nt
Tra
nsa
ction
s
Qu
ality of S
ervice
Orchestration and Choreography
WSCL, WSCI, BPEL4WS, WS-Coordination
BPML, BPSS
Base Stack
Adapted from “XML and Web Services Unleashed”, SAMS Publishing
SWE 444 - Internet & Web Application Development 8.17
Web Services At Design Time
Alice obtains the WSDL
corresponding to Bob’s web
service
Alice runs the WSDL document
through tools that generate all the necessary
message construction code (e.g.
WSDL2Java)
Bob exposes functionality in a system as a
service (or creates a specific
service) and places a WSDL
document in an “accessible
place”
Alice adds code to her application that executes the
message construction
code to connect to Bob’s web
service and any additional code that uses the
response obtained from
Bob’s web service
SWE 444 - Internet & Web Application Development 8.18
Web Services At Run Time
1. User executes Alice’s application
3. When Bob’s HTTP server sees a SOAP message it sends it to the SOAP engine
2. Application builds a SOAP message and sends it to Bob’s service via HTTP
4. SOAP engine parses the message and constructs the call to Bob’s system
5. Bob’s system executes the invoked operation
6. Bob’s system returns operation results
HTTPRequest Call
ReturnHTTPResponse
7. SOAP engine builds response message and returns it via HTTP
HTTP Server Bob’s SystemUser at Alice’s Application
8. Alice’s application interprets response and displays results to the user.
SWE 444 - Internet & Web Application Development 8.19
Static vs. Dynamic
With today’s technology, discovery and composition of services are done at design time—Static• Developer discovers services and obtains addresses• Developer writes code to invoke the services located at these
addresses
There is a great amount of research to enable discovery and composition at runtime—Dynamic• Application discovers services and obtains addresses• Application contains code to invoke the discovered services
and “knows” what information to provide
There are a lot of “In-Between” techniques• Application discovers services but requires user intervention to
select services and provide the required information• Portals are configured such that “portlets” correspond to
services
SWE 444 - Internet & Web Application Development 8.20
In Summary …
Web Services are the most currently used approach to SOA implementation.• Basic infrastructure standards are fairly stable• More higher level standards are emerging
Web Services are not the only approach to SOA implementation.
SWE 444 - Internet & Web Application Development 8.21
Components of an SOA-Based Systems
1. Services
2. Applications
3. SOA Infrastructure
SWE 444 - Internet & Web Application Development 8.22
Our Scenario: SOA-Based System Components
Order Management
System
Financial System
Organization 1
Organization 2
Credit Card Validation
System
SO
A In
frastru
ctu
re
Order Processing Application
CRM Application
Shipping System
FedEx
Shipping System
UPS
Shipping System
DHL
Order Placement Application
Customer Organization
Internet
Internet
SWE 444 - Internet & Web Application Development 8.23
Distribution of SOA-Based System Development
Organizational ESB
Incorporation of Map Data
“Just-In-Time” Inventory Management
Software as a Service
Single Organization
Multiple Organizations
Net-Centric Operations
On the left side of the spectrum all three types of components are developed within the same organization.
On the right side of the spectrum each type of component is developed by a different organization.
There are many possibilities in between.
As you move to the right, the challenges are greater.
SWE 444 - Internet & Web Application Development 8.24
Application Developers 1
Focus on the discovery, composition and invocation of services, either statically at design time or dynamically at run time
SWE 444 - Internet & Web Application Development 8.25
Application Developers 2
1. Identify appropriate
services (both
internal and external)
that can be reused
Order Management
System
Financial System
Organization 1
Organization 2
Credit Card Validation
System
SO
A In
frastru
ctu
re
Order Processing Application
CRM Application
Shipping System
FedEx
Shipping System
UPS
Shipping System
DHL
Order Placement Application
Customer Organization
Internet
Internet
… as well as if it needs to become a service
provider itself
2. Understand the interfaces in terms of the functionality and QoS
provided by them
Application Developer needs to create a new application
using the SOA approach
3. Create the new system
using as many existing services
as possible
4. The application needs to be architected in such a way
that it can easily accommodate changes in
services interfaces …
SWE 444 - Internet & Web Application Development 8.26
Tasks for Application Developers
Understand the SOA infrastructure
Discover appropriate services to be incorporated into applications
Retrieve service description documentation
Invoke the identified services in applications• Data conversions• Error handling• Availability handling
Test the services for correctness in the context of the application being developed
SWE 444 - Internet & Web Application Development 8.27
Service Developers
Focus on the description and granularity of services so that applications can easily locate and use them with acceptable Quality of Service (QoS)
SWE 444 - Internet & Web Application Development 8.28
Service Developers
1. Identify what existing business
functionality can be
exposed/reused as services
Order Management
System
Financial System
Organization 1
Organization 2
Credit Card Validation
System
SO
A In
frastru
ctu
re
Order Processing Application
CRM Application
Shipping System
FedEx
Shipping System
UPS
Shipping System
DHL
Internet
Internet
4. Design, create and
publish services to internal and
external organizations
3. Anticipate requirements for future consumer systems and architect services in a
scalable fashion
2. Analyze service
interface, functionality and
QoS requirements for new consumer
systems
SWE 444 - Internet & Web Application Development 8.29
Tasks for Service Developers
Understand requirements of potential service users
Understand SOA infrastructure
Develop code that receives the service request, translates it into calls into new or existing systems, and produces a response
Describe and publish the service
Develop service initialization code and operational procedures• Service-Level Agreements (SLAs) are a topic of current
interest among service providers.
SWE 444 - Internet & Web Application Development 8.30
Infrastructure Developers
Focus on providing a stable infrastructure• Standards• Common services• Development tools
NOTE: The Enterprise Service Bus (ESB) is an example of an infrastructure designed to support the SOA paradigm.
SWE 444 - Internet & Web Application Development 8.31
Infrastructure Developers 2
Order Management
System
Financial System
Organization 1
Organization 2
Credit Card Validation
System
SO
A In
frastru
ctu
re
Order Processing Application
CRM Application
Shipping System
FedEx
Shipping System
UPS
Shipping System
DHL
Internet
Internet
Infrastructure developers have to design, create
and maintain these common services for
both internal and external use (if required)
Discovery
Security
Development Tools
Service Registry
There are common
services that are used by all applications
SWE 444 - Internet & Web Application Development 8.32
Tasks for Infrastructure Developers
Selection of standards to implement as part of the infrastructure
Development of a set of common infrastructure services for discovery, communication, security, etc.
Identification and development of binding mechanisms to satisfy the largest set of potential service users
Provision of tools for application and service developers
Documentation and support for the infrastructure
SWE 444 - Internet & Web Application Development 8.33
The Potential Problem
If the three types of components are developed within the same organization, the challenges are less.• Simpler communication between developers (or might
even be the same developers)
However, it is becoming increasingly common for these three types of components to be developed independently by separate organizations. • Decisions made locally by any one of these development
groups can have an effect on the other groups.
SWE 444 - Internet & Web Application Development 8.34
Sample Consequences of Decisions: Service Granularity 1
The granularity of service interfaces can affect the end-to-end performance of an SoS because services are executed across a network as an exchange of a service request and a service response.
• If service interfaces are too coarse-grained, clients will receive more data than they need in their response message.
• If service interfaces are too fine-grained, clients will have to make multiple trips to the service to get all the data they need.
SWE 444 - Internet & Web Application Development 8.35
Sample Consequences of Decisions: Service Granularity 2
Order Management
System
[Basic Info, Order History, Pending Orders] getCustomerInfo( CustomerId )
The Order Management System can expose the business functionality of
getting all the customer information in one call
OrderHistory getOrderHistory( CustomerId )
CustInfo getCustBasicInfo( CustomerId )
Order[] getPendingOrders( CustomerId )
Or the service can be more granular and provide three
different operations for each type of information
SWE 444 - Internet & Web Application Development 8.36
Sample Consequences of Decisions: Requirements 1
If service developers do not understand functionality and QoS needs of potential users of services, they might end up developing and deploying services that are never used
SWE 444 - Internet & Web Application Development 8.37
In Summary …
SOA-based systems are about more than just technology.
SOA-based systems development requires
1. Strategic approach to SOA implementation• Alignment with business goals
2. SOA governance• Policies, coordination and guidance for SOA
infrastructure providers, service providers, and application developers
3. Realistic technology evaluation• Context-based technology evaluations
4. Change of mindset• Different development and implementation approach
Security for e-Commerce
Definition of e-CommerceDefinition of e-Commerce
E-commerce involves E-commerce involves digitally enableddigitally enabled commercial commercial transactionstransactions between and among organizations and between and among organizations and individualsindividuals
Digitally enabled transactionsDigitally enabled transactions include all transactions include all transactions mediated by digital technologymediated by digital technology
Commercial transactionsCommercial transactions involve the exchange of value involve the exchange of value across organizational or individual boundaries in return across organizational or individual boundaries in return for products or servicesfor products or services
e-Commerce vs. e-Businesse-Commerce vs. e-Business E-Commerce: direct financial electronic transaction (e.g.,
ordering a book on Amazon.com) E-Business: use of the Internet and the Web to better support
any current manner of doing business.
Seven Unique Features of e-CommerceSeven Unique Features of e-Commerce
Is ubiquitous (available everywhere, all the time) Is ubiquitous (available everywhere, all the time)
Offers global reach (across cultural/national boundaries)Offers global reach (across cultural/national boundaries)
Operates according to universal standards (lowers market entry for Operates according to universal standards (lowers market entry for merchants and search costs for consumers)merchants and search costs for consumers)
Provides information richness (more powerful selling environment)Provides information richness (more powerful selling environment)
Is interactive (can simulate face-to-face experience, but on global Is interactive (can simulate face-to-face experience, but on global scale)scale)
Increases information density (amount and quality of information Increases information density (amount and quality of information available to all market participants)available to all market participants)
Permits personalization/customizationPermits personalization/customization
Types of e-CommerceTypes of e-Commerce
Classified by nature of market relationshipClassified by nature of market relationship Business-to-Consumer (B2C) Business-to-Business (B2B) Consumer-to-Consumer (C2C)
Classified by type of technology usedClassified by type of technology used Peer-to-Peer (P2P) Mobile commerce (M-commerce)
AdvantagesAdvantages
QuickQuick
EasyEasy
Time SaverTime Saver
Variety of choicesVariety of choices
ComparisonComparison
DisadvantagesDisadvantages
Security --- very importantSecurity --- very important
Speed of internet accessSpeed of internet access
Malfunction of websiteMalfunction of website
Physically touching the productPhysically touching the product
Shipping and handlingShipping and handling
Who to deal with when customer is not satisfiedWho to deal with when customer is not satisfied
Dimensions of e-Commerce SecurityDimensions of e-Commerce Security
IntegrityIntegrity: ability to ensure that information being displayed on a Web : ability to ensure that information being displayed on a Web site or transmitted/received over the Internet has not been altered in site or transmitted/received over the Internet has not been altered in any way by an unauthorized partyany way by an unauthorized party
NonrepudiationNonrepudiation: ability to ensure that e-commerce participants do : ability to ensure that e-commerce participants do not deny (repudiate) online actionsnot deny (repudiate) online actions
AuthenticityAuthenticity: ability to identify the identity of a person or entity with : ability to identify the identity of a person or entity with whom you are dealing on the Internetwhom you are dealing on the Internet
ConfidentialityConfidentiality: ability to ensure that messages and data are : ability to ensure that messages and data are available only to those authorized to view themavailable only to those authorized to view them
PrivacyPrivacy: ability to control use of information a customer provides : ability to control use of information a customer provides about himself or herself to merchantabout himself or herself to merchant
AvailabilityAvailability: ability to ensure that an e-commerce site continues to : ability to ensure that an e-commerce site continues to function as intendedfunction as intended
Dimensions of e-Commerce SecurityDimensions of e-Commerce Security
Security Threats in the e-Commerce EnvironmentSecurity Threats in the e-Commerce Environment
Three key points of vulnerability:Three key points of vulnerability: Client Server Communications channel
Most common threats:Most common threats: Malicious code Hacking and cybervandalism Credit card fraud/theft Spoofing Denial of service attacks Sniffing Insider jobs
A Typical E-commerce TransactionA Typical E-commerce Transaction
Vulnerable Points in an e-Commerce EnvironmentVulnerable Points in an e-Commerce Environment
Technology SolutionsTechnology Solutions
Protecting Internet communications (encryption)Protecting Internet communications (encryption)
Securing channels of communication Securing channels of communication (SSL, S-HTTP, VPNs)(SSL, S-HTTP, VPNs)
Protecting networks (firewalls)Protecting networks (firewalls)
Protecting servers and clients Protecting servers and clients
Protecting Internet Communications: Protecting Internet Communications: EncryptionEncryption EncryptionEncryption: The process of transforming plain text or : The process of transforming plain text or
data into cipher text that cannot be read by anyone other data into cipher text that cannot be read by anyone other than the sender and receiverthan the sender and receiver
Purpose:Purpose: Secure stored information Secure information transmission
Provides:Provides: Message integrity Nonrepudiation Authentication Confidentiality
CryptographyCryptography
Cryptography is the science or study of secret writing Cryptography is the science or study of secret writing (cipher texts)(cipher texts) Basic idea: convert clear text (also called plain text – the
original message) to ciphertext (the encrypted message)
Three Main CategoriesThree Main Categories Secret Key (Symmetric Encryption)
single key is used to encrypt and decrypt information Public/Private Key (Asymmetric Encryption)
two keys are used: one for encryption (public key) and one for decryption (private key)
One-way Function information is encrypted to produce a “digest” of the original information
that can be used later to prove its authenticity
Symmetric Key EncryptionSymmetric Key Encryption
Also known as secret key encryptionAlso known as secret key encryption
Both the sender and receiver use the same digital key to encrypt and Both the sender and receiver use the same digital key to encrypt and decrypt messagedecrypt message
Requires a different set of keys for each transactionRequires a different set of keys for each transaction
Data Encryption Standard (DES): Most widely used symmetric key Data Encryption Standard (DES): Most widely used symmetric key encryption today; uses 56-bit encryption key; other types use 128-bit keys encryption today; uses 56-bit encryption key; other types use 128-bit keys up through 2048 bitsup through 2048 bits
Other known symmetrical algorithmsOther known symmetrical algorithms Triple DES, DESX, GDES, RDES
168 bit key RC2, RC4, RC5
variable length up to 2048 bits IDEA - basis of PGP
128 bit key Blowfish
variable length up to 448 bits
Symmetric Key Encryption (Secret Key)Symmetric Key Encryption (Secret Key)
Strength of encryption technique depends on key Strength of encryption technique depends on key lengthlength
Advantages: Advantages: fast, ciphertext securefast, ciphertext secure
Disadvantages: Disadvantages: must distribute key in advance, key must distribute key in advance, key must not be revealedmust not be revealed
Simple Secret-Key ExampleSimple Secret-Key Example
P = “abra” which has the binary representation: P = “abra” which has the binary representation: 0110000101100010001110010110000101100001011000100011100101100001
Choose a random string of bits as the key Choose a random string of bits as the key 1001110101001000111101010101110010011101010010001111010101011100
Can use a simple XOR of the binary to get C Can use a simple XOR of the binary to get C 1111110000101010100001110011110111111100001010101000011100111101
To get P back, use the same algorithm and keyTo get P back, use the same algorithm and key
Data Encryption StandardData Encryption Standard
The algorithm for the Data Encryption Standard (DES) The algorithm for the Data Encryption Standard (DES) was developed by IBM in the early 1970swas developed by IBM in the early 1970s
DES uses a 56-bit keyDES uses a 56-bit key
The key uses 7 bits of eight 8-bit bytes (the 8th bit of each byte is used for parity)
DES is a block cipher that operates on one 64-bit block DES is a block cipher that operates on one 64-bit block of plaintext at a timeof plaintext at a time
There are 16 rounds of encryption in DES, where each There are 16 rounds of encryption in DES, where each round uses a different subkeyround uses a different subkey
DES Block DiagramDES Block Diagram
Public Key EncryptionPublic Key Encryption Probably most significant advance in the 3000 year history of Probably most significant advance in the 3000 year history of
cryptographycryptography
Public key cryptography solves symmetric key encryption problem Public key cryptography solves symmetric key encryption problem of having to exchange secret key of having to exchange secret key
Uses two mathematically related digital keys – public key (widely Uses two mathematically related digital keys – public key (widely disseminated) and private key (kept secret by owner)disseminated) and private key (kept secret by owner)
Both keys are used to encrypt and decrypt messageBoth keys are used to encrypt and decrypt message
Once key is used to encrypt message, same key cannot be used to Once key is used to encrypt message, same key cannot be used to decrypt messagedecrypt message
For example, sender uses recipient’s public key to encrypt For example, sender uses recipient’s public key to encrypt message; recipient uses his/her private key to decrypt itmessage; recipient uses his/her private key to decrypt it
Most common algorithm is the RSA algorithm with key lengths from Most common algorithm is the RSA algorithm with key lengths from 512 to 1024 bits512 to 1024 bits
Public Key Encryption (Asymmetric Encryption)Public Key Encryption (Asymmetric Encryption)
Advantages: Advantages: public key widely distributable, does public key widely distributable, does digital signaturesdigital signatures
Disadvantages: Disadvantages: slow (slow (RSA is about 1500 times RSA is about 1500 times slower than DES)slower than DES), key distribution, key distribution
RSARSA
by by RRivest, ivest, SShamir & hamir & AAdleman of MIT in 1977 dleman of MIT in 1977
The security of RSA is based on the difficulty of factoring The security of RSA is based on the difficulty of factoring large numberslarge numbers
The basic algorithm for confidentiality is very simple:The basic algorithm for confidentiality is very simple: ciphertext = (plaintext)e mod n plaintext = (ciphertext)d mod n private key = {d, n} public key = {e, n}
The difficulty in calculating The difficulty in calculating dd given given ee and and nn provides the provides the securitysecurity
Generating RSA keysGenerating RSA keys
To generate an RSA key pair, follow these steps:To generate an RSA key pair, follow these steps: Choose two prime numbers p and q and keep them
secret Calculate n = p x q Calculate φ(n) = (p - 1)(q - 1) Select e such that e is relatively prime to φ(n)
gcd (φ(n),e) = 1; 1< e <φ(n)
Calculate d = e -1 mod φ(n) Public Key KU = {e, n} Private Key KR = {d, n}
Example of RSA AlgorithmExample of RSA Algorithm
E ncr yption
plaintext88
plaintext88
cipher text1188 mod 187 = 11
K U = 7, 187
D ecr yption
F igur e 9.6 E xample of R SA A lgor ithm
711 mod 187 = 88
K R = 23, 187
23
One-Way FunctionOne-Way Function
non-reversible “quick” encryptionnon-reversible “quick” encryption
produces a fixed length value called a hash or produces a fixed length value called a hash or message digestmessage digest
used to authenticate contents of a messageused to authenticate contents of a message
Common message digest functionsCommon message digest functions MD4 and MD5
produces 128 bit hashes SHA
produces 160 bit hashes
Structure of MD4, MD5, and SHAStructure of MD4, MD5, and SHA
Pad message to a multiple of 512 bits:Pad message to a multiple of 512 bits:
Compute digest of padded message in 512-bit chunks:Compute digest of padded message in 512-bit chunks:
Cryptographic Services AllowCryptographic Services Allow
Digital Signatures Digital Signatures sign messages to validate source and integrity of the contents
Message DigestsMessage Digests short bit string hash of message
Digital EnvelopesDigital Envelopes secure delivery of secret keys
Certificates (Digital IDs)Certificates (Digital IDs) used to authenticate: users, web sites, public keys of
public/private pair, and information in general
Secure ChannelsSecure Channels encryption can be used to create secure channels over private
or public networks
Digital SignaturesDigital Signatures
Digital SignatureDigital Signature Encrypt sender’s identity string with sender’s private
key Concatenate the encrypted text and the identity
string together Encrypt this message with receiver’s public key to
create message Receiver decrypts the encrypted text with their
private key the cypher text portion of the message is decrypted
with sender’s public key The decrypted text can be compared with the normal
text to checks its integrity
Message DigestsMessage Digests
How to create and use a message digestHow to create and use a message digest sender uses message as input to digest function “sign” (encrypt) output (hash) with sender’s private
key send signed hash and original message (in plain
text) to receiver receiver decrypts hash with sender’s public key receiver runs plain text message through digest
function to obtain a hash if receiver’s decrypted hash and computed hash
match then message valid
Private Key
MessageHash
Function
Digest
Encrypt
Signature
Message
Signature
Hash Function
Decrypt
Public Key
Message
ActualDigest
ExpectedDigest
If actual and expected match, the signature is verified
Originator RecipientTransmitted Message
Digital EnvelopeDigital Envelope
Public/Private key encryption/decryption useful for Public/Private key encryption/decryption useful for internetinternet
Addresses weaknesses of public key encryption Addresses weaknesses of public key encryption (computationally slow, decreases transmission speed, (computationally slow, decreases transmission speed, increases processing time)increases processing time)
Uses symmetric key encryption to encrypt document but Uses symmetric key encryption to encrypt document but public key encryption to encrypt and send symmetric keypublic key encryption to encrypt and send symmetric key sender creates and uses symmetric (session) key to create
cipher text sender uses receiver’s public key to encrypt the symmetric key
- digital envelope sender transmits both cipher text and digital envelope to
receiver
Understand Key ManagementUnderstand Key Management
Key management is one of the most critical aspects of an encryption Key management is one of the most critical aspects of an encryption systemsystem
It includes creating strong keys, distributing them securely, certifying It includes creating strong keys, distributing them securely, certifying them, protecting while in use, and revoking them when they are them, protecting while in use, and revoking them when they are compromised or expiredcompromised or expired
Keys must be transported securely to ensure the integrity of the keysKeys must be transported securely to ensure the integrity of the keys
If keys are transmitted, they must be checked on arrival to ensure If keys are transmitted, they must be checked on arrival to ensure they have not been manipulated (usually done manually or by digital they have not been manipulated (usually done manually or by digital signatures)signatures)
Certificate Authorities (CAs) ensure the integrity of the keys and Certificate Authorities (CAs) ensure the integrity of the keys and prevent an attacker from introducing their own keysprevent an attacker from introducing their own keys
Digital CertificatesDigital Certificates Certificate Authorities (CAs) ensure the integrity of the keys and Certificate Authorities (CAs) ensure the integrity of the keys and
prevent an attacker from introducing their own keysprevent an attacker from introducing their own keys
Public keys require integrity protection (provided by certification), Public keys require integrity protection (provided by certification), but they do not require confidentiality protection. However, all but they do not require confidentiality protection. However, all copies of the private key of a public key system must be protected copies of the private key of a public key system must be protected at all timesat all times
Certification Authorities (CA)Certification Authorities (CA) used to distribute the public key of a public/private pair guarantees the validity of the public key
does this by verifying the credentials of the entity associated with the public key
Some Cases VeriSign - http://www.verisign.com Entrust - http://www.entrust.com
Public key pairs are generally certified for one or two yearsPublic key pairs are generally certified for one or two years Session keys may only exist for a given session and may be deleted
after the session
… … Digital CertificatesDigital Certificates
Process to create Digital CertificateProcess to create Digital Certificate User generates public/private pair User creates and sends a certificate request his choice of CA
contains: identifying information and user’s public key Like Server, company, location, state, country and also the
documents proving identity CA confirms the accuracy of the information submitted CA creates a certificate containing user’s public key and
information CA creates message digest from certificate and signs it with
CA’s private key This a signed certificate The certificate is sent to the subscriber and also a copy of it
may be submitted to the certificate repository, such as a directory service for publication
… … Digital CertificatesDigital Certificates
Using a Digital CertificateUsing a Digital Certificate before sending a secure message sender request a
signed certificate from receiver sender decrypts signed certificate with CA’s known
public key to obtain message digest of info and public key provided to CA by receiver
sender creates a message digest of public key and info provided by the receiver for sender’s use
sender compare the message digests if they match then receiver is validated
Digital Certificate VerificationDigital Certificate Verification
Do I trust the CA? (Is it in my list of trust root certification Do I trust the CA? (Is it in my list of trust root certification authorities?)authorities?)
Is the certificate genuine?Is the certificate genuine? Look up the CA’s public key; use it to decrypt the signature Compute the certificate’s hash; compare with decrypted sig
Is the holder genuine? This requires a challengeIs the holder genuine? This requires a challenge
If the holder is genuine, he must know the private key If the holder is genuine, he must know the private key corresponding to the pubic key in the certificatecorresponding to the pubic key in the certificate
Having the certificate is not enough. (They are exchanged over the Having the certificate is not enough. (They are exchanged over the Internet all the time)Internet all the time)
Send him a nonce (random 128-bit number)Send him a nonce (random 128-bit number)
Challenge by NonceChallenge by Nonce
If you’re really Mr. X, you must know his private keyIf you’re really Mr. X, you must know his private key
So please encrypt this nonce:So please encrypt this nonce:“A87B1003 9F60EA46 71A837BC 1E07B371”“A87B1003 9F60EA46 71A837BC 1E07B371”
When the answer comes back, decrypt it using the When the answer comes back, decrypt it using the public key in the certificatepublic key in the certificate
If the result matches, the remote user knew the correct If the result matches, the remote user knew the correct private keyprivate key
Never use the same nonce twice Never use the same nonce twice
Types of Digital CertificatesTypes of Digital Certificates
site certificatessite certificates used to authenticate web servers
personal certificatespersonal certificates used to authenticate individual users
software publishers certificatessoftware publishers certificates used to authenticate executables
CA certificatesCA certificates used to authenticate CA’s public keys
All certificates have the common format standard of All certificates have the common format standard of X.509v3X.509v3
Digital Certificate ContentsDigital Certificate Contents
Name of holderName of holder
Public key of holderPublic key of holder
Name of trusted third party (certificate authority)Name of trusted third party (certificate authority)
DIGITAL SIGNATURE OF CERTIFICATE AUTHORITYDIGITAL SIGNATURE OF CERTIFICATE AUTHORITY
Data on which hash and public-key algorithms have Data on which hash and public-key algorithms have been usedbeen used
Other business or personal informationOther business or personal information
X.509 Version 3 Digital CertificateX.509 Version 3 Digital Certificate
VERSION # OF X.509
UNIQUE # ASSIGNED BY CA
EXAMPLES: MD5RSA,sha1RSA
USUALLY A DOMAIN NAME
EXAMPLES: RSA
Public Key Infrastructure (PKI)Public Key Infrastructure (PKI)
Digital certificates alone are not enough to establish Digital certificates alone are not enough to establish securitysecurity Need control over certificate issuance and management
PKI: refers to the CAs and digital certificate procedures PKI: refers to the CAs and digital certificate procedures that are accepted by all partiesthat are accepted by all parties
Functions of a PKIFunctions of a PKI Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital certificate Issue, maintain, administer, revoke, suspend, reinstate, and
renew digital certificates Create and manage a public key repository
Securing Channels of CommunicationSecuring Channels of Communication
Secure Sockets Layer (SSL): Most common Secure Sockets Layer (SSL): Most common form of securing channels of communicationform of securing channels of communication used to establish a secure negotiated session
(client-server session in which URL of requested document, along with contents, is encrypted)
S-HTTP: Alternative methodS-HTTP: Alternative method provides a secure message-oriented
communications protocol designed for use in conjunction with HTTP
Virtual Private Networks (VPNs)Virtual Private Networks (VPNs) Allow remote users to securely access internal
networks via the Internet, using Tunneling Protocol
Secure Negotiated Sessions Using SSLSecure Negotiated Sessions Using SSL
Internet TunnelsInternet Tunnels
virtual network circuit across the Internet virtual network circuit across the Internet between specified remote sitesbetween specified remote sites uses an encrypting router that automatically encrypts
all traffic that traverses the links of the virtual circuit
Tunneling ProtocolsTunneling Protocols PPTP by Microsoft - http://www.microsoft.com Layer 2 Forwarding (L2F) by Cisco -
http://www.cisco.com L2TP (combines PPTP and L2F) -
http://www.ietf.com
Secure Sockets LayerSecure Sockets Layer
SSL HistorySSL History Competitor to S-HTTP S-HTTP an extension of HTTP General purpose encryption system using symmetric
encryption S-HTTP only encrypts Web protocols Three versions v1.0, v2.0 and v3.0
SSL v3.0 implemented in Netscape 3.0 and Internet Explorer 3.0 and higher
SSL v3.0 supports Diffie-Hellman anonymous key exchange and Fortezza smart card
Secure Sockets LayerSecure Sockets Layer
SSL CharacteristicsSSL Characteristics Operates at the TCP/IP transport layer Encrypts (decrypts) input from application (transport)
layer Any program using TCP can be modified to use SSL
connections SSL connection uses a dedicated TCP/IP socket
(e.g. port 443 for https or port 465 for ssmtp)
Secure Sockets LayerSecure Sockets Layer
SSL CharacteristicsSSL Characteristics SSL is flexible in choice of which symmetric
encryption, message digest, and authentication algorithms can be used
When SSL client makes contact with SSL server they try to pick strongest encryption methods they have in common
SSL provides built in data compression compress first then encrypt
Secure Sockets LayerSecure Sockets Layer
SSL CharacteristicsSSL Characteristics When SSL connection established browser-to-server
and server-to-browser communications are encrypted. This includes: URL of requested document Contents of the document Contents of browser forms Cookies sent from browser to server Cookies sent from server to browser Contents of HTTP header But NOT particular browser to particular server
socket addresses not encrypted can use proxy server for privacy
Secure Sockets LayerSecure Sockets Layer
Establishing an SSL ConnectionEstablishing an SSL Connection The client (browser) opens a connection to server
port Browser sends “client hello” message. Client hello
message contains: version of SSL browser uses ciphers and data compression methods it supports
The Server responds with a “server hello” message. Server hello message contains session id the chosen versions for ciphers and data compression
methods
Secure Sockets LayerSecure Sockets Layer
Establishing an SSL Connection (con’t.)Establishing an SSL Connection (con’t.) The server sends its certificate
used to authenticate server to client
Optionally the server may request client’s certificate If requested, client will send its certificate of
authentication if client has no certificate then connection failure
Client sends a “ClientKeyExchange” message symmetric session key chosen digital envelope is created using server’s public key and
contains the symmetric session key
Secure Sockets LayerSecure Sockets Layer
Establishing an SSL Connection (con’t.)Establishing an SSL Connection (con’t.) Optionally, if client authentication is used the client
will send a certificate verify message Server and client send “ChangeCipherSpec”
message indicating they are ready to begin encrypted transmission
Client and server send “Finished” messages to each other These are a message digest of their entire conversation up
to this point If the digests match then messages were received without
interference
Client (Browser) Server
1. Client sends ClientHello message
2.Server acknowledges with ServerHello message
.Session Key
Server Certificate
Client Certificate
3. Server sends its certificate
(4. Server requests client’s certificate)
(5. Client sends its certificate)
Server’s public key 6. Client sends
“ClientKeyExchange” message
Server’s private key
Session keyDigital signature
(7. Client sends a “Certificate Verify” message)
8. Both send “ChangeCiperSpec” messages
9. Both send “Finished” messages
Digital envelope
..X
SSL Connection SetupSSL Connection Setup